99.9% of fixable AI vulnerabilities remain unpatched
Organizations build, deploy, and operate AI in the cloud, but basic cybersecurity hygiene is often sacrificed for speed, according to Orca Security’s 2026 State of AI Security …
Enterprises are rethinking where their AI applications run
Growing demand for compute capacity, power, cooling and low-latency connectivity is prompting organizations to reassess where AI applications run, according to CoreSite. …
Only 28% of financial workforce MFA is phishing-resistant
Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new …
Messaging fraud trends point to smarter attacks, stronger blocking
Fraudsters spent 2025 investing in scale. New routes, new tools, and higher message volumes moved through the SMS, voice, and chat channels that businesses rely on to reach …
Thousands of malicious AI skills found capable of stealing data, running malware
AI agents can browse the web, use external tools, execute commands, and perform tasks on behalf of users. Many rely on skills that define how they interact with services and …
OpenAI and Anthropic are pulling in different directions
Companies are handing routine operational decisions to AI agents that plan, remember, and act on their behalf. These agents run on statistical models, and their behavior can …
Power shortages could slow AI data center expansion
AI adoption is increasing demand for data center capacity at the same time operators are running into limits around power, equipment, land, and permitting, according to NTT …
OAuth, guest accounts, and weak MFA drive SaaS risk
Organizations often create guest accounts to give contractors, suppliers, and partners temporary access to files and SaaS applications. Many of these accounts remain active …
The future of payment fraud could be automated
Payment fraud is becoming more organized as criminal groups use fake websites, large-scale operations, and, in some cases, forced labor to steal money and personal …
Organizations struggle to prioritize known cyber risks
Organizations collect more cyber risk data than ever, with many still struggling to build a unified view of their exposure. The latest State of Threat Management report from …
What the AI patch gap means for enterprise security
Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine speed. Over roughly …
AI-generated code risks reach security, legal, and compliance teams
Most engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found …
Featured news
Resources
Don't miss
- Why SBOMs, signing, and provenance still don’t tell you if software is safe
- Cynative: Open-source deep research agent
- Microsoft demystifies how Windows updates work
- A hardware security AI assistant that checks chips for hidden backdoors
- July 2026 Patch Tuesday forecast: Is CVE tracking still practical?